First published: Tue Aug 08 2023(Updated: )
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.
Credit: security@zoom.us security@zoom.us
Affected Software | Affected Version | How to fix |
---|---|---|
Zoom Zoom | <5.15.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Zoom Desktop Client for Windows vulnerability is CVE-2023-39209.
The severity of CVE-2023-39209 is medium with a CVSS score of 6.5.
CVE-2023-39209 allows an authenticated user to enable an information disclosure via network access in the Zoom Desktop Client for Windows before version 5.15.5.
An authenticated user can exploit CVE-2023-39209 by leveraging improper input validation to enable an information disclosure via network access.
To fix the CVE-2023-39209 vulnerability, update your Zoom Desktop Client for Windows to version 5.15.5 or later.